SO 14001:2015 ISO/TC 207/SC 1 reviewed interpretations 2019 14001... · SO 14001:2015 ISO/TC 207/SC...
Transcript of SO 14001:2015 ISO/TC 207/SC 1 reviewed interpretations 2019 14001... · SO 14001:2015 ISO/TC 207/SC...
Version – July 2019 SC1 website related to interpretations 1 ©ISO/TC 207/SC 1
SO 14001:2015 ISO/TC 207/SC 1 reviewed interpretations 2019 Version – September 2019
Introduction To help clarify the intent of ISO 14001:2015, the ISO process allows for interpretations to be provided by each National Member Body (NMB).
The sub-committee (SC1) has a process for managing interpretations of ISO 14001:2015. It is important to note that Interpretations do not change the requirements in ISO 14001:2015 but are intended to give users a better understanding on ISO 14001:2015.
The SC1 process includes:
it is the responsibility of each National Member Body (NMB) to respond to any interpretation enquiries it receives;
NMB interpretations are submitted to SC1 on an annual basis and reviewed at the SC1 plenary;
after the review, the interpretation is made available to the public via the e-Committee and the SC1 website;
questions about the interpretation should be referred to the NMB where the interpretation originated. Please note that some NMB use the term ‘clarification of intent’ instead of the term ‘interpretation’.
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
General ISO 14001:2015 has a very different structure than
the two previous versions. Our documentation is
aligned to the clauses that existed in the previous
version. Do we have to restructure our
documentation to follow the new clause
structure?
No.
Clause A.2 states: “The clause structure and some of the
terminology of this International Standard have been changed
to improve alignment with other management systems
standards. There is, however, no requirement in this
International Standard for its clause structure or terminology
to be applied to an organization’s environmental management
system documentation.”
SCC -
Standards
Council of
Canada
2017
Version – July 2019 SC1 website related to interpretations 2 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
General The question deals with the issue where to draw
the border line between legal requirements on
the protection of the natural environment and
those protecting occupational health and safety
issues, when it comes to certification of an
environmental management system under ISO
14001. The certification body found that our
environmental management system did not fully
comply with the requirements in ISO 14001:2015,
since the documentation of legal requirements,
linked to some of the environmental aspects, did
not include some of the pieces of legislation
covering occupational health and safety issues.
According to our company there is no link
between any of the environmental aspects and
occupational health and safety issues.
All organizations are obliged to comply with all applicable
legislation. This case deals with the legal requirements that
need to be taken into account in the environmental
management system under ISO 14001:2015. The standard says
that the organization shall ”determine and have access to the
compliance obligations related to its environmental aspects,
determine how these compliance obligations apply to the
organization and take these compliance obligations into
account when establishing, implementing, maintaining and
continually improving its environmental management system”
(Section 6.1.3). Furthermore, the organization shall ”maintain
documented information of its compliance obligations”
(Section 6.1.3).
The concept of compliance obligations is broader than legal
requirements, i e it is a generic term for "legal and other
requirements". The handling of such other requirements
follow the same procedure that applies to the legal
requirements.
According to the question, there are no environmental aspects
in this case that can be linked to legal requirements concerning
occupational health and safety issues, implying that they do
not need to be included the mentioned documented
information in accordance with the requirements of ISO 14001:
2015. However, it is necessary to pay attention to some
SIS -
Swedish
Institute
for
Standards
2018
Version – July 2019 SC1 website related to interpretations 3 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
regulation outside the environmental arena. For example, the
Swedish Civil Contingencies Agency, may have issued
legislation on the transport of hazardous goods that may
include rules that are applicable to both the natural and
working environment. In principle, the same procedures apply
for those organizations that still use ISO 14001: 2004.
However, organizations that have implemented an
environmental management system under ISO 14001 may find
it useful to include other than environmental issues in its
management system. If so, an organization may consider it
appropriate that its management system keeps track of both
environmental and non-environmental legal requirements of
importance. Such aspects and legal requirements shall not be
considered and consequently be excluded in the certification
of an environmental management system established under
the ISO 14001: 2015. If, on the other hand, the organization
has chosen to include non-environmental issues in the scope of
its environmental management system it also includes
corresponding legal requirements.
General
6.1.1,
6.1.3
In some places in the Standard, the organization
is directed to take certain items into account,
while in other places in the Standard, the
organization is directed to “consider” certain
items. Is there a difference?
ISO 14001 uses the word “consider” and the phrase “take
into account” with a specific intent. The word “consider”
means it is necessary to think about the topic but it can be
excluded; whereas “take into account” means it is necessary
to think about the topic but it cannot be excluded.
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 4 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
As an example, in Section 6.1.1, when planning its EMS, the
organization shall consider the issues referred to in Section
4.1, “Understanding the organization’s context”. ISO 14001
requires the organization to think about these issues, but it
does not necessarily have to address these issues in its EMS.
Alternatively, in Section 6.1.3, “Compliance obligations” for
example, the requirement “take these compliance
obligations into account when establishing, implementing,
maintaining and continually improving its EMS, means the
organization must address its compliance obligations in its
EMS.
3 Are the references to other standards in the Notes
to Entry in Clause 3 (Terms and definitions)
normative?
No.
A normative reference is a reference to another document that
is indispensable for the application of the standard. If a
document is normatively referenced, an organization must
conform to it in order to conform with the standard. As Clause
2 states, there are no normative references in ISO 14001:2015.
ISO 14001 is a standalone document that can be applied
without reference to any other documents.
While “Notes to Entry” in Clause 3 (Terms and definitions) are
normative, references to other standards in those Notes to
Entry are informative only.
For example, Notes 3 and 4 to Entry 3.2.10 (“risk”) refer to
definitions of “events”, “consequences” and “likelihood” in ISO
SCC -
Standards
Council of
Canada
2017
Version – July 2019 SC1 website related to interpretations 5 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
Guide 73:2009. Note 4 to Entry 3.4.1 (“audit”) refers to
definitions of “audit evidence” and “audit criteria” in ISO
19011:2011.
These references to other standards are provided for
information only. There is no need to purchase additional
standards. Furthermore, anyone interested in the terms and
definitions in other ISO standards can preview elements of
these standards on the ISO Online Browsing Platform (OBP) at
no charge, including the Foreword, Introduction, Scope,
Normative references and Terms and definitions.
Access is enabled by visiting the ISO site at
https://www.iso.org/obp/ui.
3.0, 3.2.6,
6.2
Is Section 3, Terms and Definitions, binding and,
if so, may an auditor determine whether
"appropriate" environmental objectives have
been set to meet the requirements of
definitions 3.2.6?
The Introduction to Section 3, Terms and Definitions states:
“For purposes of this document, the following terms and
definitions apply.” The only sections of ISO 14001 against
which an organization’s conformance is audited are Sections
4 through 10, EMS Requirements, the terms of which are
clarified by the Definitions in Section 3. With regard to
environmental objectives, an auditor is limited to assessing
whether the organization conforms to the requirements
specified in Section 6.2. If the environmental objectives are
consistent with the environmental policy, and their
development has taken into account the organization’s
significant environmental aspects and associated
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 6 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
compliance obligations and considered its risks and
opportunities then the objectives are consistent with the
standard.
3.1.5 Are there any situations in which “top
management” refers to persons outside the scope
of the environmental management system?
No.
Top management is defined in relation to the scope of the
EMS. If the EMS covers the entire organization, top
management is the person or people who direct and control
the entire organization. If the EMS covers only part of an
organization, top management is the person or people who
direct and control that part of the organization. Note 2 to Entry
in the definition of top management (3.1.5) is intended to
clarify this point, but the phrase “the scope of the
management system” in that Note to Entry might lead to some
confusion. This phrase means the scope of the environmental
management system. It should not be misunderstood as a
reference to an organization’s generic management system,
quality management system or some other discipline‐specific
management system. It is not intended to broaden the scope
of the EMS beyond what the organization has established or to
extend the scope of the internal audit beyond the scope of the
EMS.
SCC -
Standards
Council of
Canada
2017
3.2.9 Does the term “compliance obligation” in ISO
14001:2015 have the same meaning as the phrase
“legal requirements and other requirements to
which the organization subscribes” in the previous
Yes.
Clause A.3 states: “The phrase ‘compliance obligations’
replaces the phrase ‘legal requirements and other
requirements to which the organization subscribes’ used in
SCC -
Standards
Council of
Canada
2017
Version – July 2019 SC1 website related to interpretations 7 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
edition? prior editions of this International Standard. The intent of this
new phrase does not differ from that of the previous edition.”
3.2.10 There appears to be ambiguity in ISO 14001:2015
regarding whether the term “risk” has only a
negative connotation or includes both negative
and positive connotations. The definition of “risk”
(3.2.10) states that risk can be positive or
negative, but the definition of “risks and
opportunities”(3.2.11) implies that risk is only
negative, while opportunities are positive. May an
organization decide for itself whether to use the
term “risk” in its Environmental Management
System as a solely negative concept or as both a
negative and positive concept?
Yes.
ISO 14001:2015 requires an organization to identify and
address both the potential adverse and the potential beneficial
effects of uncertainty, but the organization may decide for
itself what terminology it will use to capture these concepts.
Each organization may decide for itself whether to use the
term “risk” to capture potential adverse effects of uncertainty
and the term “opportunities” to capture potential positive
effects of uncertainty, or to use the term “risk” to encompass
both potential negative and positive effects of uncertainty. As
Annex A.2 states, there is no requirement to apply the
terminology used in the standard to the organization’s EMS
documentation, or to replace the terms used by the
organization with the terms used in the standard. In deciding
what terms to use, organizations should be aware that
although the definitions of “risk” (3.2.10) and “risks and
opportunities” (3.2.11) take different approaches to the
concept of risk, only the term “risks and opportunities” is used
in the clauses of the standard that contain requirements.
SCC -
Standards
Council of
Canada
2017
3.3.4 In Note 1 to Entry 3.3.4 “outsource,” does the
phrase “outside the scope of the management
system” mean “outside the scope of the
environmental management system”?
Yes.
The intent of the definition of “outsource” in ISO 14001:2015 is
to cover situations where a process or function that is within
the scope of the environmental management system is
SCC -
Standards
Council of
Canada
2017
Version – July 2019 SC1 website related to interpretations 8 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
performed by an organization that is outside the organizational
boundaries of the environmental management system as
determined by the organization. The definition is not intended
to capture processes or functions that are outside the scope of
the environmental management system as established by the
organization.
4.1
4.2
7.5
Is an organization required to establish a process
in order to meet the requirements in 4.1 and 4.2
that it determine its context, relevant interested
parties and their needs and expectations?
Is an organization required to develop and
maintain documented lists of its external and
internal issues, its relevant interested parties and
their needs and expectations?
Clauses 4.1 and 4.2 do not state a requirement for a process
nor does it state a requirement for maintaining or retaining
documented information.
The intent behind using the word “determine” is that the
organization generates information (knowledge) regarding its
“understanding of the needs and expectations of interested
parties” and of its “external and internal issues.” A secondary
intent in changing from the use of the word “identify” in the
2004 edition of ISO 14001 to “determine” in the 2015 edition is
to conform to Annex SL management system terminology.
The term “determine” implies that the organization make
some specific effort to generate information that results in
knowledge. While a process is not required for these
determinations, whether or not to have a process is a
consideration for the organization to make when developing
its EMS (See Clause 4.4).
The decision to document the knowledge gained or the means
of acquiring it is made by the organization by considering
ANSI -
American
National
Standards
Institute
2017
Version – July 2019 SC1 website related to interpretations 9 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
Clause 7.5.1, which gives the organization flexibility as to which
processes it needs to document and records it needs to keep in
order to make the EMS effective. If the organization decides
documentation is the best way to give guidance to users and to
achieve consistency, then documentation should be
considered.
Whether documented or not, an understanding of the relevant
needs and expectations of interested parties as well as of
external and internal issues would be evident in the
implemented EMS; for example, in the determination of risks
and opportunities that need to be addressed.
4 and 6 Does ISO 14001 require an organization to
demonstrate that it has addressed requirements
related to environmental aspects, significant
environmental aspects, policy commitments,
context issues and concerns, risk and
opportunities and compliance obligations
individually for each corresponding sub-clause in
ISO 14001, or can an organization demonstrate
that it has addressed these collectively, through
the significant environmental aspects
determination process? For example, can an
organization consider its policy commitments,
context and compliance obligations to inform it’s
determination of significant aspects?
ISO 14001 does not mandate separate processes or procedures
to be used for “addressing” its requirements – provided the
requirements are, in fact, addressed. For example, an
organization might have a single “environmental planning”
process that addresses a number of requirements set out in
Clauses 4 and 6. The organization needs to provide evidence
that each of the separate requirements are addressed.
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 10 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
(4 and 6)
6.1.1
6.1.2
3.2.11
3.2.2
Does ISO 14001:2015 allow an organization to
consider environmental risks and opportunities as
environmental aspects, and those aspects that it
intends to address, as its significant environment
aspects?
There is a relationship between an organization’s significant
environmental aspects and the risks and opportunities related
to its environmental aspects (see 6.1.1), but they should not be
necessarily treated as identical. The definition of “risks and
opportunities” is not the same as “significant environmental
aspects.” ISO 14001 defines risks and opportunities as
potential adverse effects (threats) and potential beneficial
effects (opportunities). A significant environmental aspect is
defined as an environmental aspect (3.2.2) that has or can
have one or more significant environmental impact(s), whether
adverse or beneficial.
Environmental aspects can result in risks and opportunities,
which can be determined as part of the significance evaluation,
or determined separately. If an aspect has been identified as a
significant environmental aspect, the organization would need
to address the identified risks and opportunities associated
with this aspect, in order to minimize or prevent its adverse
impact, or enhance its beneficial effect on the environment.
However, there may be other risks and opportunities that need
to be addressed in the environmental management system
(see 6.1.1). This can include risks or opportunities for an
organization, related to
· its compliance obligations (see 6.1.3);
· other issues and requirements referred to in 4.1 and
ANSI -
American
National
Standards
Institute
2018
Version – July 2019 SC1 website related to interpretations 11 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
4.2, e.g., risks or opportunities from environmental conditions that can affect the organization in negative or positive ways.
5.2
[secondary
references
: 4.2, 5.3,
6.1.3,
6.1.4, 6.2.,
7.2, 7.3,
7.4.3,
7.5.1, 9.1.,
9.2, 9.3,
10.2]
What is meant by the “commitment to fulfil its
compliance obligations” in Section 5.2(d) in ISO
14001?
The relationship between ISO 14001 and regulatory
compliance is addressed in a number of places in ISO 14001.
To understand what is meant by the “commitment to fulfill
its compliance obligations,” the standard has to be read as a
whole and the relationship between the relevant provisions
of the standard understood. This commitment is
demonstrated through the EMS processes and actions that
the organization establishes, implements and maintains to
meet ISO 14001 requirements, as follows:
• With an understanding of the needs and expectation of
the organization’s interested parties, including regulatory
agencies in particular (Section 4.2), establish, implement
and maintain a process to determine and have access to the
applicable legal requirements, and to determine how these
requirements apply to the organization (Section 6.1.3). Take
these requirements into account when planning its EMS
(Section 6.1.4).
• Establish documented objectives that take into account its
legal requirements associated with its significant
environmental aspects (Section 6.2.1). [Note: environmental
objectives need not address every legal requirement].
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 12 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
• Plan actions to achieve environmental objectives,
including those relating to compliance with legal
requirements (Section 6.2.2).
• Those persons whose work can affect the organization’s
ability to fulfill its compliance obligations must be
competent based on training, education and/or experience
(Section 7.2).
• Ensure persons doing work under the organization’s
control are aware of the implications of not conforming with
the EMS, including not fulfilling the organization’s
compliance obligations (Section 7.3).
• Communicate EMS information externally, as required by
the organization’s compliance obligations and its own
communication process (Section 7.4.3).
• Establish, implement and maintain a process to
periodically evaluate compliance with legal requirements
(Section 9.1.2). These are the legal requirements identified
pursuant to Section 6.1.3.
• Establish, implement and maintain a program for
periodically conducting EMS audits, which necessarily
include those elements of the EMS that are compliance-
related (Section 9.2).
• React to nonconformities, evaluate the need for action
eliminate the cause(s) and implement corrective action
needed (Section 10.2). Detected non-compliance with legal
Version – July 2019 SC1 website related to interpretations 13 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
requirements must be corrected.
Taken together, these provisions mean that an organization
implementing ISO 14001 must systematically identify and
manage its compliance obligations in line with its
commitment to fulfill them. The organization’s EMS must
include the components listed above and be properly
supported with adequate resources and defined
responsibilities (Section 5.3), documented information
(Section 7.5.1), and evaluation of performance (Section 9).
The commitment to comply is reinforced by the
requirement that top management periodically review the
adequacy, suitability and effectiveness of the EMS (Section
9.3).
A legal noncompliance is not necessarily elevated to an EMS
nonconformity if, for example, it is identified and corrected
by the EMS processes. Compliance-related nonconformities
need to be corrected, even if those nonconformities have
not resulted in an actual noncompliance.
5.2, 4.3 Element 5.2 Environmental Policy states, ‘top
management shall establish, implement and
maintain an environmental policy that, within
the defined scope of its EMS, is...’ Does this
No. The Standard requires that an organization define and
document the scope of its EMS (Section 4.3) and that top
management establish, implement and maintain an
environmental policy (Section 5.2). However, there is no
requirement in ISO 14001 that an organization include specific
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 14 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
mean that the policy statement must now
include wording from the scope statement to
link the operations of a location to the policy
statement?
wording from its EMS scope statement within its
environmental policy.
As used in Section 5.2, the phrase ‘within the defined scope of
its environmental management system’ is intended to promote
consistency between the scope statement and the
environmental policy. In particular, this phrase reinforces the
concept that the policy must be appropriate to the nature,
scale and environmental impacts associated with the full range
of activities, products and services covered by the EMS scope.
It is not necessary to include wording from the scope
statement in the policy.
5.2, 4.3,
3.1.4
In determining whether the environmental
policy is "appropriate to the purpose and
context of the organization, including the
nature, scale and environmental impacts of its
activities, products and services," is it relevant
for an auditor to determine whether the scope
of the policy covers all of the management units
within the organization being audited?
The auditor must determine whether the policy is
appropriate for all of those management units that are
within the scope of the EMS, as it has been defined by the
organization. Once the scope has been defined, all activities,
products, and services that fall within its boundaries need to
be included. The sum of those units must be consistent with
the Section 3.1.4 definition of an “organization.”
ANSI -
American
National
Standards
Institute
2019
6.1 Does the organization have to identify at least one
risk or opportunity that needs to be addressed,
i.e. at least one potential adverse effect (threat) or
beneficial effect (opportunity) that needs to be
addressed?
Although there is no explicit requirement in Clause 6.1. of ISO
14001:2015 that an organization will identify one or more risks
or opportunities that need to be addressed, there is an
underlying assumption that the organization will do so.
2017
Version – July 2019 SC1 website related to interpretations 15 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
Risks and opportunities are defined as potential adverse
effects (threats) or beneficial effects (opportunities), which
may result from environmental aspects, compliance
obligations, or from other issues and requirements identified
as part of the context of the organization. The intent is for the
organization to determine which risks or opportunities it
considers to be important to address within its EMS, in order
to achieve the intended outcomes of its EMS and support
continual improvement.
6.1.2 Does ISO 14001:2015 require Life Cycle
Assessments (LCAs) to be completed as part of the
enhanced life cycle perspective requirements?
ISO 14044:2006 Clause 3.2.1, defines a life cycle assessment as
“a compilation and evaluation of the inputs, outputs and the
potential environmental impacts of a product system
throughout its life cycle”.
ISO 14001:2015 requires taking a life cycle perspective. In
Annex A6.1.2, a life cycle perspective is explained as follows:
“This does not require a detailed life cycle assessment; thinking
carefully about the life cycle stages that can be controlled or
influenced by the organization is sufficient”. The life cycle
stages of a product (or service) include acquisition of raw
materials, design, production, transportation/delivery, use,
end-of life treatment and final disposal (3.3.3). In Clause 6.1.2,
ISO 14001:2015 requires the organization to consider these life
cycle stages when determining the environmental aspects that
it can control or can influence.
ANSI -
American
National
Standards
Institute
2016
Version – July 2019 SC1 website related to interpretations 16 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
6.1.2 Must a regulated environmental aspect
automatically be considered a significant
environmental aspect?
No. Section 6.1.2 requires an organization to “determine
those aspects that have or can have a significant
environmental impact, i.e., significant environmental
aspects, by using established criteria.” ISO 14001 does not
establish the criteria for determining significance. Section
A.6.2 states that environmental criteria are the primary and
minimum criteria for assessing environmental aspects, but it
is the organization that sets the criteria for determining
those that are significant.
ANSI -
American
National
Standards
Institute
2019
6.1.2 Does ISO 14001:2015 require the organization to
apply a life cycle perspective when determining
which of its environmental aspects are significant,
i.e., in its criteria for determining significance?
In Clause 6.1.2 of ISO 14001:2015, an organization needs to
consider a life cycle perspective when identifying the
environmental aspects that it can control or influence.
There is no single method for determining significant
environmental aspects. As stated in A.6.1.2, environmental
criteria are the primary and minimum criteria for assessing
environmental aspects to determine significance. The
organization has the autonomy to apply additional criteria,
including criteria related to life cycle perspective.
ANSI -
American
National
Standards
Institute
2016
6.1.2
Is it permissible for a small organization to
declare that they have no significant aspects
and still be conformant to the ISO 14001
standard?
Although there is no explicit requirement in ISO 14001 that
an organization will identify one or more significant
environmental aspects, there is an underlying assumption
that the organization will do so. The intent of the
requirement to determine those aspects that an
organization considers significant is to enable the
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 17 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
organization to focus attention and resources on its most
important environmental aspects, recognizing that not all
aspects require or deserve the same degree of
management. ISO 14001 does not define “significance” nor
does it identify any external or absolute standard for what
will be considered significant. Significance is intended to be
a relative term. What is significant for one organization may
not be for another, and what an organization considers a
significant aspect may change over time. The use of
‘significance’ in ISO 14001 was intended to be an aid in
managing a range of environmental aspects.
There is no special category of requirements in ISO 14001
for “small” organizations. The requirements for an ISO
14001 EMS, including those regarding significant aspects,
are intended to apply to “…all types and sizes of
organizations…”
Note: Regarding whether an organization has to identify at
least one risk or opportunity that needs to be addressed,
i.e., at least one potential adverse effect (threat) or
beneficial effect (opportunity), see COI 16-08.A2.
6.1.3 Does Section 6.1.3 “Compliance obligations”
require that the “facility” (the relevant
organization) must have its own direct
knowledge of the environmental legal
This question refers specifically to Section 6.1.3 which
requires that “The organization shall determine and have
access to compliance obligations related to its
environmental aspects”.
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 18 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
requirements that are applicable to its products
in all countries into which they may be exported
and not be able to rely on either a related
corporate entity which sells the product in a
foreign country or an independent importer
customer to which it ships the product to have
and apply such information?
With regard to products, the Standard does not specify
geographic boundaries, nor how the determination and
access requirements can be accomplished by the
organization. Section 6.1.1 requires the organization to
establish, implement and maintain a process to meet the
requirements in 6.1.2 – 6.1.4. Therefore, it is up to the
organization to establish a process as to how it will
determine and have access to such legal requirements. This
may depend largely on the scope of the EMS and the level
of control or influence an organization can exercise over its
products as stated in Section 6.1.2. If the organization
defines its process as depending on outside organizations to
assist it in meeting that requirement, then that is the choice
of the organization. The Standard provides flexibility to the
organization to define how such legal requirements will be
determined and who will do it.
6.1.3 Must an organization have access to the ISO
14001 standard either in hard copy, via
computer or by an external source since the
organization is certified to that standard?
An organization seeking to conform to ISO 14001 must have
access to information related to the ISO 14001
requirements, including any subsequent revision, so that it
can take these requirements into account in establishing,
implementing and maintaining its environmental
management system.
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 19 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
Several sources of this information are available to an
organization including, but not limited to, an electronic or
hard copy of the ISO 14001 standard itself.
6.1.3,
3.2.1
Can an organization address only applicable EPA
legal requirements when identifying its legal
requirements affecting the EMS and exclude
any applicable OSHA requirement when the
definition of environment in ISO 14001 states
"surroundings in which an organization
operates, including air, water, land, natural
resources, flora, fauna, humans and their
interrelationships”?
Clause 6.1.3, “Compliance obligations” requires an
organization to determine the legal requirements and other
requirements that it has to, or chooses to, comply with
related to its environmental aspects. Regulations issued by
an “environmental” agency are not necessarily the only
legal requirements applicable to environmental aspects. It is
not a matter of which agency issues a legal requirement, but
rather whether that requirement applies to an identified
environmental aspect within the scope of the EMS. While
“humans” are included in the definition of environment, not
all legal requirements that apply to “humans” are
necessarily applicable to its environmental aspects, or part
of its EMS.
ANSI -
American
National
Standards
Institute
2019
6.1.3,
7.5.3,
3.2.9
Is ISO 14001Standard a “compliance obligation”
under Clause 6.1.3 and also a document of
external origin?
Yes, ISO 14001 is a “compliance obligation”. ISO 14001
defines compliance obligations (see 3.2.9) to include
requirements that an organization has to or chooses to
comply with, and notes that these can arise from mandatory
requirements as well as voluntary commitments, such as
organizational and industry standards, and codes of
practice.
ISO 14001 is documented information of external origin. The
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 20 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
organization cannot update it on its own. The Technical
Committee, through ISO, issues revisions.
6.1.3,
6.1.2,
7.5.1
Does clause 6.1.3(a) mean that an organization
must demonstrate a linkage, if any, between
each aspect and its applicable legal and other
requirements (i.e., its compliance obligations)?
If so, what documentation is required?
Clause 6.1.3(a) of ISO14001 requires an organization to
determine and have access to the legal requirements that the
organization has to or chooses to comply with (i.e., compliance
obligations) related to its environmental aspects. An
organization must identify and have access to the
requirements that pertain to its environmental aspects, and
must also know how these requirements apply to the
organization. The intent is that the organization understands
these requirements sufficiently to address them in the EMS.
ISO 14001 does not require establishing a “linkage” between
each environmental aspect and the identified compliance
obligations.
Regarding documentation, ISO 14001 Clause 6.1.3 requires the
organization to maintain documented information of its
compliance obligations. However, there is no specific
requirement in ISO 14001 for documenting the determination
of how compliance obligations apply. Clause 7.5.1(b)
Documented Information - General leaves it up to each
organization to determine the documented information that is
necessary to ensure the effectiveness of the EMS.
ANSI -
American
National
Standards
Institute
2019
6.1.3 Does Section 6.1.3 “Compliance obligations”
require that the “facility” (the relevant
This question refers specifically to Section 6.1.3 which
requires that “The organization shall determine and have
ANSI -
American
2019
Version – July 2019 SC1 website related to interpretations 21 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
organization) must have its own direct
knowledge of the environmental legal
requirements that are applicable to its products
in all countries into which they may be exported
and not be able to rely on either a related
corporate entity which sells the product in a
foreign country or an independent importer
customer to which it ships the product to have
and apply such information?
access to compliance obligations related to its
environmental aspects”.
With regard to products, the Standard does not specify
geographic boundaries, nor how the determination and
access requirements can be accomplished by the
organization. Section 6.1.1 requires the organization to
establish, implement and maintain a process to meet the
requirements in 6.1.2 – 6.1.4. Therefore, it is up to the
organization to establish a process as to how it will
determine and have access to such legal requirements. This
may depend largely on the scope of the EMS and the level
of control or influence an organization can exercise over its
products as stated in Section 6.1.2. If the organization
defines its process as depending on outside organizations to
assist it in meeting that requirement, then that is the choice
of the organization. The Standard provides flexibility to the
organization to define how such legal requirements will be
determined and who will do it.
National
Standards
Institute
6.1.3,
7.5.3
Are the compliance obligations identified under
Clause 6.1.3 also documented information of
external origin under clause 7.5.3?
Yes, as long as the source of the documented information
that contains the compliance obligations is generated,
documented and controlled by an entity external to the
organization.
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 22 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
6.1.4 In Clause 6.1.4 A(3), which “risks and
opportunities” is an organization required to plan
actions to address?
An organization is not required to plan actions to address every
risk and opportunity, only those it has determined need to be
addressed. This determination is an output of Clause 6.1.1. An
organization retains the authority and accountability to decide
how it fulfils the requirements of ISO 14001, including
determining which risks and opportunities need to be
addressed.
ANSI -
American
National
Standards
Institute
2017
6.2 Is it a non-conformance if an organization
establishes environmental objectives but, at the
time of the audit, none relate to an identified
significant aspect?
No. Clause 6.2.1 requires that significant environmental
aspects and compliance obligations be taken into account
when establishing and reviewing environmental objectives.
It also requires that risks and opportunities be considered.
However, it does not explicitly require that there be an
objective related to significant aspects, compliance
obligations or risks and opportunities at all times. It is the
intent of the standard that the organization be able to
demonstrate that it has taken significant aspects and
compliance obligations into account, and that it considers
risks and opportunities in setting objectives. Over time,
however, given the required commitment to continual
improvement, it would be expected that there would be
one or more objectives related to one or more significant
aspects, compliance obligations and risks and opportunities
to demonstrate conformance to ISO 14001.
ANSI -
American
National
Standards
Institute
2019
6.2.1, Must objectives be set which are explicitly This question refers specifically to the setting of ANSI - 2019
Version – July 2019 SC1 website related to interpretations 23 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
6.1.2,
6.1.3, 5.2
related to the organization's commitment to
environmental protection, including pollution
prevention or are the scope and content of
environmental objectives solely at the
discretion of the organization?
environmental objectives, which is covered by Section 6.2 of
the standard.
This question raises the issue that one cannot read a particular
sentence or section of the ISO 14001 standard in isolation from
the other sections of the standard. There is an
interrelationship between the requirements in some sections
with the requirements in other sections. This question deals
with one of those interrelationships.
Section 6.2 does not by itself require that the documented
objectives explicitly mention environmental protection or
prevention of pollution. However, Section 6.2 does require the
organization to take into account its significant environmental
aspects and associated compliance obligations when setting its
objectives. It also clearly states that the objectives “shall be
consistent” with the organization’s environmental policy.
According to section 5.2 the environmental policy, which is set
by top management and must be implemented and be made
available to the public, must include commitments to the
protection of the environment including prevention of
pollution. Therefore, while organizations have the discretion to
set their own objectives, they must do so within these
parameters.
In addition, setting environmental objectives is not the only
way that an organization can support its commitment to
American
National
Standards
Institute
Version – July 2019 SC1 website related to interpretations 24 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
environmental protection, including prevention of pollution.
An organization can take action within the EMS related to
competence, awareness, and communication (see clause 7,
Support); operational planning and control, or emergency
preparedness and response (see clause 8, Operation); or
monitoring, measurement, analysis, and evaluation (see clause
9, Performance Evaluation). Note: The above Q&A originally
related to both compliance with regulatory requirements as
well as prevention of pollution. The discussion on compliance
with regulatory requirements has been moved to the
subsequent Q&A 99-03.A1.
7.2 Does ISO 14001 imply some consideration by
the organization of legal requirements for
training of employees in establishing
competence and training?
ISO 14001 in Section 7.2 requires the determination of
training needs associated with an organization’s
environmental aspects and its environmental management
system. If an organization is legally required to provide
certain kinds of training, such training should be identified
as a "need."
ANSI -
American
National
Standards
Institute
2019
7.5.1 If a small business such as a fast food franchise,
automotive dealership, flower shop, funeral
home, grocery store, pizza shop, etc. - were to
adopt ISO 14001, what level of documentation
should they provide to demonstrate conformity to
ISO 14001?
ISO 14001 clause 7.5.1 requires an organization to include
documented information required by the Standard, and any
other documented information determined by the
organization as necessary for effectiveness of its EMS. The
specific documentation required by the Standard is described
within the applicable clauses of the Standard. For example,
information about environmental aspects that must be
documented is found in clause 6.1.2.
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 25 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
The Standard recognizes that the extent of documented
information can differ from one organization to another due to
a number of reasons, including the size of the organization.
For that reason, in some clauses of the Standard it provides
flexibility for an organization to determine the extent of
documented information required. In these specific cases, it is
incumbent upon the organization to determine the level of
documentation required to ensure its EMS is implemented as
planned and determine the records necessary to provide
objective evidence of conformance to ISO 14001 requirements.
Regardless of size, an organization may determine it needs
additional documents and records, over and above what is
required by the Standard to ensure its EMS is effective.
For ease in reference, the following lists provide the minimum
documented information, either documents or records, that is
required by ISO 14001 and the applicable clause that specifies
the requirement. Where the Standard offers flexibility to the
organization, the applicable text is noted in italics.
An organization shall maintain documentation of:
— the scope of its EMS (see 4.3);
— its environmental policy (see 5.2);
— the process(es) needed to meet requirements of clause
6.1.1 through 6.1.4, to the extent necessary to have
Version – July 2019 SC1 website related to interpretations 26 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
confidence they are carried out as planned (see 6.1.1);
— the risks and opportunities that it determines need to be
addressed (see 6.1.1);
— environmental aspects and associated environmental
impacts, criteria used to determine significant
environmental aspects, and its significant environmental
aspects (see 6.1.2);
— its compliance obligations (see 6.1.3);
— its environmental objectives (see 6.2.1);
— the operational control processes needed to meet EMS
requirements and to implement the actions identified in
clause 6.1 and 6.2, to the extent necessary to have
confidence the processes have been carried out as planned
(see 8.1);
— the process(es) needed to prepare for and respond to potential emergency situations, to the extent necessary to have confidence the process(es) is (are) carried out as planned (see 8.2).
An organization shall retain records as evidence of:
— competence, as appropriate (see 7.2);
— communications, as appropriate (see 7.4.1);
— monitoring, measurement, analysis and evaluation results,
as appropriate (see 9.1.1);
— compliance evaluation result(s) (see 9.1.2);
— implementation of the audit program, and the audit results
Version – July 2019 SC1 website related to interpretations 27 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
(see 9.2);
— the results of management reviews (see 9.3);
— the nature of identified nonconformities and any
subsequent actions taken, and the results of any corrective
action (see 10.2).
7.5.3 If a facility such as a bag house collecting
hazardous materials is operated using the
manufacturer's operations manual in lieu of the
organization preparing its own internal manual
or procedures, is the manufacturer's operations
manual a document of external origin under
clause 7.5.3?
Yes, unless the organization modifies that manual and
makes it its own, in which case it becomes an internal
document. As long as the organization is committed to using
the manufacturer's manual including any subsequent
updated version, then the manual is of external origin.
ANSI -
American
National
Standards
Institute
2019
7.5.3 If a document of external origin is referenced in
a document determined necessary by an
organization for EMS planning or operational
purposes, in what ways must such documents
be identified and controlled?
This question refers specifically to the last paragraph of Section
7.5.3 which requires the organization to ensure “Documented
information of external origin determined by the organization
to be necessary for the planning and operation of the
environmental management system shall be identified, as
appropriate, and controlled”.
The standard does not specify (a) particular way(s) to identify
documented information of external origin that is necessary or
to control this information. It is up to the organization to
define the process (or processes) it will use. The intent of the
standard is that the organization considers and decides if any
external documented information is necessary for the planning
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 28 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
and operation of its EMS. If such documented information is
identified by the organization, the process(es) established
must ensure that the documented information that is
necessary to the EMS is the correct information and is
available to those who need it. It is not the intention to require
identification and control of external documented information
used only for reference purposes.
The process(es) for identifying and controlling external
documented information does not have to be the same
process(es) used for internal documented information. The
standard requires only the identification and control of
distribution of documented information of external origin and
does not require the same degree of control for such
documented information as it does for internal documented
information that are part of the EMS.
8.1 , 3.3.4 ISO 14001 Clause 8.1 requires an organization to
ensure that outsourced processes are controlled
or influenced. The text in Annex section A.8.1
states that an outsourced process is one that
fulfils a list of criteria, including “liability for
conforming to requirements is retained by the
organization;” which may allow exclusion of some
procured services that meet the definition of
outsourced processes in 3.3.4 from the “control or
ISO standards don't establish legal liability - they are voluntary
and do not change legal obligations. This criterion in A.8.1
relates to the arrangement between the parties (see definition
3.3.4) and whether or not the organization retains liability (i.e.,
responsibility) for conforming to requirements. These
requirements may include but are not limited to legal
requirements.
Outsourced processes are a subset of procured services that
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 29 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
influence” requirement in 8.1. How is the phrase
“liability for conforming to requirements” to be
understood? Does this mean strict legal liability
for compliance with environmental regulations, or
something more?
meet the criteria of A.8.1. These criteria assist an organization
in determining which of its procured services are outsourced
processes. The organization defines in its EMS the type and
extent of control or influence to be applied to the outsourced
process.
8.1 What is an outsourced process? Is every process
or service obtained from an external provider an
outsourced process?
ISO 14001:2015 defines “outsource” as “make an arrangement
where an external organization performs part of an
organization’s function or process” (see Clause 3.3.4). A
process or service obtained from an external provider is not
necessarily an outsourced process. Outsourced processes can
be viewed as a subset of these externally provided processes
or services.
Criteria that an organization can use to distinguish outsourced
processes from other processes and services are described in
Annex A.8.1, which states that an outsourced process is one
that fulfils all of the following:
– it is within the scope of the environmental management system;
– it is integral to the organization’s functioning; – it is needed for the environmental management
system to achieve its intended outcome; – liability for conforming to requirements is retained by
the organization; – the organization and the external provider have a
relationship where the process is perceived by interested parties as being carried out by the
ANSI -
American
National
Standards
Institute
2017
Version – July 2019 SC1 website related to interpretations 30 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
organization.
8.1 If an organization does not have any outsourced
processes, to what extent does clause 8.1 apply?
Do the requirements in the paragraph starting
“consistent with a life cycle perspective” only
apply to outsourced processes?
If an organization has no outsourced processes, the only
requirements of Clause 8.1 that are not applicable to its EMS
are:
– The org shall ensure that outsourced processes are
controlled or influenced.
– The type and extent of control or influence to be
applied to the processes shall be defined within the
environmental management system.
All of the other requirements in 8.1 are independent of
whether a process is outsourced or not, including the
requirements in the paragraph starting with ‘Consistent with a
life cycle perspective…’
ANSI -
American
National
Standards
Institute
2017
8.1 Does the phrase, “consistent with a life cycle
perspective’ in Clause 8.1, Operational Planning
and Control mean than an organization needs to
consider a life cycle perspective a second time,
with regard to operational planning and control?
There is no requirement in Clause 8.1 that the organization
undergo an activity to reconsider a life cycle perspective. There
is also no requirement for a formal life cycle assessment (see
COI 16-01.A1). The four bullets in Clause 8.1 paragraph 4, a) to
d) specify requirements that are typically associated with
specific life cycle stages.
ANSI -
American
National
Standards
Institute
2017
8.1 The operational control clause of ISO 14001:2004
(Clause 4.4.6) referred to identifying and planning
those operations associated with significant
environmental aspects. The operational planning
As was the case in ISO 14001:2004 Clause 4.4.6, Clause 8.1 in
the revised standard remains focused on planning and
controlling the operations of an organization. The organization
decides the controls needed for operational processes
ANSI -
American
National
Standards
2017
Version – July 2019 SC1 website related to interpretations 31 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
and control clause of ISO 14001:2015 (Clause 8.1)
refers to processes needed to meet
environmental management system
requirements. Does the revised standard still refer
to control of the organization’s operational
processes?
associated with its significant environmental aspects,
compliance obligations, risks and opportunities that need to be
addressed, and environmental objectives. These operational
processes are controlled by establishing operating criteria and
implementing methods to meet the criteria.
Institute
8.1, 7.2,
7.3, 7.4,
8.2
Company A out-sources part of their production
operations (e.g., parts metal coating or painting)
to Company B. Company B is a separate
company located in a different
city/state/country. Is Company B considered
“persons doing work under” Company A’s
control? If so, what does ISO 14001 require
Company A to do regarding ensuring the
competence of Company B? What does ISO
14001 require Company A to do regarding
identifying training needs for Company B
employees?
This question arises from the phrase “persons doing work
under its control.” This phrase, appears in four places in the
normative clauses of ISO 14001:
1. the organization must determine the necessary competence
of persons doing work under its control that affects its
environmental performance and its ability to fulfil its
compliance obligations, and ensure that these persons are
competent on the basis of appropriate education, training or
experience, (Section 7.2, a-b) , and
2. persons doing work under the organization’s control must
be made aware of certain key provisions of its EMS (Section
7.3, a-d).
3. the organization must ensure its communication process(es)
enable(s) persons doing work under the organization’s control
to contribute to continual improvement (Section 7.4.2, b).
4. the organization must provide relevant information and
training related to emergency preparedness and response, as
appropriate, to relevant interested parties, including persons
working under its control (Section 8.2, f).
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 32 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
The phrase “doing work under the organization’s control” is
not defined in ISO 14001. The organization implementing the
EMS determines who those persons are, based on the
activities, products, and services within the scope of the EMS
established by the organization. The overall intent of the
phrase is to ensure the organization looks beyond its direct
employees and considers other persons performing tasks
within that scope when addressing competence and awareness
requirements. The use of this phrase is not intended to change
any legal relationship between the organization and any
individual.
The phrase clearly covers an organization’s own employees,
including contract and temporary employees. It also could
apply to individual contractors, or individuals employed by
contractors working for the organization or other suppliers of
goods or services if those individuals are engaged in tasks
within the scope of the organization’s EMS. Persons covered by
this phrase will be determined by the organization on a case-
by-case basis.
The requirements for ensuring competence, awareness, its
internal communication process, and information or training
on emergency preparedness and response in key EMS
provisions apply to all persons performing tasks for or on
Version – July 2019 SC1 website related to interpretations 33 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
behalf of the organization within its EMS scope. The
requirements related to competency, however, apply only to a
subset of such persons: those performing tasks which can
affect its environmental performance and its ability to fulfil its
compliance obligations. For these persons, Section 7.2 requires
that the organization ensure that they are competent (based
on education, training or experience).
Section 7.2 also requires an organization to identify training
needs associated with its environmental aspects and its EMS.
Although it does not explicitly require identifying training
needs of persons who work “on its behalf”, such persons
would be included if the tasks they perform are identified as
requiring training. This section does not require the
organization to provide training to such persons, but it does
require that needs for training be identified and met. ISO
14001 does not specify the method or processes that an
organization must use to satisfy any of the requirements of
Section 7.2.
In the example given in the question, Company A would need
to determine whether there are any tasks being performed by
persons within Company B that are related to Company A’s
environmental aspects of activities, products or services within
its EMS scope. If so, Company A would need to implement
some mechanism(s) to make them aware of the particular EMS
Version – July 2019 SC1 website related to interpretations 34 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
requirements related to these particular tasks (see Section 7.3
a-d). Company A also would need to determine if there are any
tasks that can affect its environmental performance or ability
to fulfill its compliance obligation, or, are related to emergency
preparedness and response being performed by persons within
Company B. If so, Company A would be required to establish
some means of ensuring that those persons are competent to
perform those tasks. ISO 14001 does not specify how this
should be done. Company A has the discretion to establish a
process that best suits its needs.
If the identification of persons doing work under the
organization’s control raises questions of potential legal
liability, those should be addressed by the organization’s legal
counsel.
8.2 8.2 e) requires the organization to review “and”
revise the process(es) and planned response
actions. Here, the word “shall” apply to both verbs
(organization SHALL review… / organization SHALL
revise…). Is an organization ALWAYS required to
“revise” the process(es) ?
If the periodical review shows that the process(es) and planned
response actions has(have) no trouble/problem AT ALL, then
the revision may not be necessary. However, please also keep
in mind that such situation is unlikely to happen, because this
clause is defining a particular case like “the occurrence of
emergency situations or tests”.
Therefore, if we want to be exact to the grammatical meaning
keeping in mind that there “may” be a case where no revision
would be needed at all (which seldom happens), the word
JISC -
Japanese
Industrial
Standards
Committe
e
2018
Version – July 2019 SC1 website related to interpretations 35 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
“where necessary” could be added in the sentence as follows:
e) periodically review, and where necessary, revise the
process(es) and planned response actions, in particular after
the occurrence of emergency situations or tests;
9.1.2 Is the intent of the requirement in clause 9.1.2,
"Evaluation of Compliance" that only those
working for on or behalf of the organization
conduct the evaluation(s) of compliance, or can
these evaluations include those conducted by
regulatory authorities?
The intent of Clause 9.1.2 is that an organization will
determine how it will periodically evaluate compliance, and
can choose to include evaluations conducted by internal
staff, consultants, and/or regulatory agencies. An
organization can use information from regulatory agency
audits/inspections as part of its compliance evaluation
process, but cannot rely on such audits/inspections alone.
Periodic compliance assessments performed on a sampling
basis (for example, those conducted internally, by
consultants, and/or by regulatory agencies) may satisfy the
requirement of clause 9.1.2 if, taken together, they cover all
applicable legal requirements over a period defined by the
organization.
ANSI -
American
National
Standards
Institute
2019
9.1.2 Is there an expectation in ISO 14001 that
compliance with ALL applicable compliance
obligations will be assessed for ALL
environmental media over some time frame
(e.g., every 3-5 years), or are periodic
ISO 14001 requires the organization to evaluate the
fulfilment of its compliance obligations (Clause 9.1.2). It
does not specify a particular methodology or frequency for
doing so. Periodic compliance assessments performed on a
sampling basis may satisfy this requirement if, taken
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 36 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
compliance assessments on a sampling basis
(selected based on the environmental
importance of activities, history of
noncompliance, and other factors) considered
adequate?
together, they cover all applicable compliance obligations
over a period defined by the organization.
9.2, 7.2 Does the standard require companies to select
internal auditors who are Certified
Environmental Engineers, have a background in
Environmental Management Programs, or have
previous work experience in the environmental
field? Based on section 9.2 of ISO 14001, "Select
auditors and conduct audits to ensure
objectivity and the impartiality of the audit
process." I believe that I can use personnel who
are trained in conducting audits regardless of
their Environmental work experience. I believe
that in order to ensure objectivity and
impartiality, the internal auditor should be
independent of the Environmental group. I also
believe that with proper training/education,
that the QMS internal audit team can audit the
EMS program. Can you provide some
clarification on this point?
ISO14001 does not contain specific requirements on
certification, education, or work experience for internal
auditors or any other position. Clause 7.2 on Competence,
requires an organization to “determine the necessary
competence of persons doing work under its control that
affects its environmental performance…”; “ensure that
these persons are competent on the basis of appropriate
education, training or experience”, “where applicable, take
actions to acquire the necessary competence, and evaluate
the effectiveness of the actions taken”; and, “retain
appropriate documentation as evidence of competence”.
These actions can include the provision of training,
mentoring, reassignment and hiring or contracting
competent persons. Thus, it is the intent of ISO 14001 that
the organization decides what education, training or
experience, including certifications, is appropriate for its
internal auditors.
Note: Although not required by ISO 14001, guidance on
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 37 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
selection and competence of internal auditors can be found
in ISO 19011.
9.2 If work is performed on multiple shifts that 8.1
Operational planning and control is required, or
8.2 Emergency preparedness and response may
be necessary, does 9.2 Internal audit require
that all shifts be included in the organization’s
internal audits?
ISO 14001 contains no specific requirement to conduct an
internal audit of all shifts. The organization must decide on
the appropriate scope of its internal audits to meet the
requirements of clause 9.2.2 and its own needs for audit
information. For additional clarification, refer to COI 02-
03.A2 on the topic of internal auditing.
ANSI -
American
National
Standards
Institute
2019
9.2 Does the requirement for internal audit (9.2)
include a compliance or financial audit?
No.
The internal audit provides information about whether the
EMS conforms to the requirements of the Standard and the
organization’s own requirements for its EMS (9.2.1). The
organization determines which requirements beyond those of
the Standard itself are EMS requirements, and will thus be
included in the scope of the internal audit. The internal audit is
not a financial audit, a compliance audit, or an audit of
conformity with interested parties’ needs and expectations.
The Standard’s new definition of nonconformity (3.4.3) clarifies
this by stating in Note 1 to Entry that nonconformity does not
mean non‐fulfilment of any and all requirements, it only means
non‐fulfilment of the requirements of the Standard and
additional EMS requirements the organization establishes for
itself. There is no change from the previous edition of the
Standard in this respect.
SCC -
Standards
Council of
Canada
2017
Version – July 2019 SC1 website related to interpretations 38 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
9.2.2 Does ISO 14001 section 9.2 require that the
organization conduct its internal EMS audit on
an annual basis?
No. Section 9.2.2 requires an organization to establish the
frequency of its environmental management system audits.
Since the "frequency” is not defined by ISO 14001, these
audits may or may not be conducted on an annual basis.
ANSI -
American
National
Standards
Institute
2019
9.2.2 Does ISO 14001 section 9.2 require that the
organization conduct its internal EMS audit on
an annual basis covering all elements (i.e. full
scope) of the ISO 14001 standard?
This question is in two parts. The first part asks whether ISO
14001 requires an annual audit. See the response to 02-
03.A1 for the answer to that question.
The second part asks whether an internal EMS audit must
cover all elements of ISO 14001 during the audit. The
environmental management system audit program takes
into consideration the environmental importance of the
process concerned, changes affecting the organization, and
the results of previous audits. According to ISO 14001, in
order to be comprehensive, the audit program shall cover
the audit criteria, scope, frequency and methods, as well as
the responsibilities and requirements for planning and
conducting audits, reporting results, and retaining
associated documented information. ISO 14001 does not
require that all elements of ISO 14001 be audited each and
every time an audit is conducted, nor does it require that
every single element be audited within a one-year period
but rather that the program shall be established with
consideration of the various factors described above.
ANSI -
American
National
Standards
Institute
2019
Version – July 2019 SC1 website related to interpretations 39 ©ISO/TC 207/SC 1
Clause in ISO 14001
Question Response NSB Year reviewed by SC 1 plenary
In addition, in determining its environmental management
system audit program, the organization should consider the
purpose of the audit, i.e., to determine whether or not the
environmental management system conforms to 1) the
organization’s own requirements for its environmental
management system; 2) the requirements of this
International Standard, and whether or not the
environmental management system has been effectively
implemented and maintained. These factors should be
considered by the organization in determining the necessity
for auditing each element of ISO 14001 and at what
frequency, e.g., (a) annually, or (b) each and every time an
audit is conducted, or (c) over a period that exceeds one
year.
Note: the questions and their responses above are provided in response to questions related to ISO 14001:2015. One should not infer that these responses are
valid with regard to the 2004 version of ISO 14001.